CVE-2023-2868 - Barracuda Networks ESG Appliance Improper Input Validation Vulnerability
Project:Barracuda Networks
Product:Email Security Gateway (ESG) Appliance
Date Added:2023-05-26Due Date:2023-06-16
Vulnerability Name
Barracuda Networks ESG Appliance Improper Input Validation Vulnerability
Description
Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://status.barracuda.com/incidents/34kx82j5n4q9
https://nvd.nist.gov/vuln/detail/CVE-2023-2868
Related News Articles
Stealthy 'Magic Packet' malware targets Juniper VPN gatewaysJanuary 23, 2025